OpenVPN Client Tunnel Advanced Watchdog Script Donation

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking
Goto page Previous  1, 2
Author Message
daniello
DD-WRT Novice


Joined: 03 Jul 2015
Posts: 48

PostPosted: Sat Sep 15, 2018 4:20    Post subject: Reply with quote
Quote:
IF you disable your vpn, make sure and stop the cron job under ADMINISTRATION...MANAGEMENT .... CRON... Otherwise the.script will keep trying to restart thr OpenVPN Daemon every time the cron runs!


My VPN was up now a couple of days so I was quite comfortable with everything. But today I added those firewall stop start lines at the end of the script and did some testing.

The quoted note tells me that if I disable my vpn client and wait for the minute (cron line is there) it should restart. But on my router it doesn't.

Also, if I stop vpn client and run the check:

Code:
/bin/sh /jffs/sw_watchdog/sw_watchdog


My router needs to be unplugged becase the "doing something" animation never stops. As soon as VPN is working the check is fine.

Hmm .. somehting is still fishy .. anyone?
Sponsor
sploit
DD-WRT User


Joined: 16 Apr 2016
Posts: 302
Location: California

PostPosted: Fri Dec 21, 2018 0:44    Post subject: Yes, your existing setup Reply with quote
Yes, what is fishy is your existing setup.

If you read what I stated, it says "This Assumes a VIRGIN Install"

You obviously had an existing setup and it wasnt a brand new install.

IF your router already had JFFS enabled, there wasnt any reason to run the JFFS enabler Script.

Also, some versions of ddwrt for different routers require slightly different JFFS options .

What router model are you using.

_________________
My Karma ran over your Dogma
SploitWorks Custom Flashed Routers
daniello
DD-WRT Novice


Joined: 03 Jul 2015
Posts: 48

PostPosted: Fri Dec 21, 2018 6:12    Post subject: Reply with quote
Hi,

it's a TP-Link TL-WR710N (EU) v1.2.
sploit
DD-WRT User


Joined: 16 Apr 2016
Posts: 302
Location: California

PostPosted: Fri Dec 21, 2018 6:26    Post subject: That ... Reply with quote
That router model is lucky to run ddwrt on it, it uses a very small build.

Small builds of ddwrt are missing smaller apps also.

I dont have any routers with small builds to test on :/

Interesting...

_________________
My Karma ran over your Dogma
SploitWorks Custom Flashed Routers
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 3781
Location: Netherlands

PostPosted: Sat Apr 27, 2019 17:00    Post subject: Reply with quote
@Sploit thanks for your work.
I propose a slight modification which only kills the OpenVPN client.
At this moment the script also kills my OpenVPN server.

I propose to replace the command:
Code:
killall openvpn

by:
Code:
kill $(cat /tmp/var/run/openvpncl.pid)


Alternatively you can use:
Code:
for pid in $(ps | grep openvpncl | head -n-1 | awk '{print $1}'); do kill -9 $pid; done


I have attached the script for reviewing by all you good and knowledgeable people Smile

_________________
Routers:Netgear R7800, Netgear R6400v1, Netgear R6400v2, Linksys EA6900 (XvortexCFE), Linksys E2000 (converted WRT320N), WRT54GS v1.
Install guide Linksys EA6900: http://www.dd-wrt.com/phpBB2/viewtopic.php?t=291230
Simple PBR (Policy Based Routing) script: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318662
Install guide R6400v2:http://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
OpenVPN server setup guide:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318795
Install guide R7800: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
sploit
DD-WRT User


Joined: 16 Apr 2016
Posts: 302
Location: California

PostPosted: Sun Apr 28, 2019 0:54    Post subject: I will add it to the new beta Reply with quote
I will add it to the new beta as a option flag turned on by default. The New Beta is awesome.
_________________
My Karma ran over your Dogma
SploitWorks Custom Flashed Routers
johnday29
DD-WRT Novice


Joined: 17 Sep 2012
Posts: 18

PostPosted: Sat Jul 20, 2019 1:49    Post subject: Re: I will add it to the new beta Reply with quote
sploit wrote:
I will add it to the new beta as a option flag turned on by default. The New Beta is awesome.


where can I find your new beta?
plawer
DD-WRT Novice


Joined: 11 Aug 2019
Posts: 9

PostPosted: Sat Aug 31, 2019 3:03    Post subject: Reply with quote
I have modified the script a bit for my use.

    Getting the address from what's set in the normal WDS setting in nvram
    Getting the tunnel interface from the config file
    Trimmed the ping size
    Removed the temp ping file and just using the ping exit code
    Removed most of the echo's
    Added a syslog message when it restarts to make it easier to see that it restarted
    And building the script in the startup section to eliminate the need for JFFS



Code:

mkdir -p /tmp/vpnwatchdog/
echo '
#!/bin/sh
script_loc="/tmp/vpnwatchdog/"
test_add=$(nvram get wds_watchdog_ips)
tun_inf=$(cat /tmp/openvpncl/openvpn.conf | grep "dev " | cut -d " " -f 2)
redundancy_check="on"
wd_script=$script_loc"vpnwatchdog"
pings=1
while [[ $pings -lt 5 ]]
do
   if ping -c 1 -n -W 1 -q -s 8 $test_add -I $tun_inf > /dev/null
   then
      exit 0
   fi
   pings=$((pings+1))
done
logger -p cron.err VPNWatchdog: Unable to ping [$test_add] via [$tun_inf]. OpenVPN Client restarting.
echo "VPNWatchdog: Unable to ping "[$test_add]" via "[$tun_inf]". OpenVPN Client restarting."
sh /tmp/openvpncl/route-down.sh
sleep 2
kill $(cat /var/run/openvpncl.pid)
sleep 5
openvpn --config /tmp/openvpncl/openvpn.conf --daemon
sleep 20
sh /tmp/openvpncl/route-up.sh
sleep 10
if [ "$redundancy_check" = "on" ]; then
      sh $wd_script
fi
if [ "$redundancy_check" = "off" ]; then
      echo "."
fi' > /tmp/vpnwatchdog/vpnwatchdog
chmod 755 /tmp/vpnwatchdog/vpnwatchdog
wcnngt
DD-WRT Novice


Joined: 06 Dec 2011
Posts: 13

PostPosted: Fri Sep 20, 2019 4:21    Post subject: Reply with quote
I could not get the jffs to work. How can I use your script? Can I put all the script in command and run command? Thanks.

plawer wrote:
I have modified the script a bit for my use.

    Getting the address from what's set in the normal WDS setting in nvram
    Getting the tunnel interface from the config file
    Trimmed the ping size
    Removed the temp ping file and just using the ping exit code
    Removed most of the echo's
    Added a syslog message when it restarts to make it easier to see that it restarted
    And building the script in the startup section to eliminate the need for JFFS



Code:

mkdir -p /tmp/vpnwatchdog/
echo '
#!/bin/sh
script_loc="/tmp/vpnwatchdog/"
test_add=$(nvram get wds_watchdog_ips)
tun_inf=$(cat /tmp/openvpncl/openvpn.conf | grep "dev " | cut -d " " -f 2)
redundancy_check="on"
wd_script=$script_loc"vpnwatchdog"
pings=1
while [[ $pings -lt 5 ]]
do
   if ping -c 1 -n -W 1 -q -s 8 $test_add -I $tun_inf > /dev/null
   then
      exit 0
   fi
   pings=$((pings+1))
done
logger -p cron.err VPNWatchdog: Unable to ping [$test_add] via [$tun_inf]. OpenVPN Client restarting.
echo "VPNWatchdog: Unable to ping "[$test_add]" via "[$tun_inf]". OpenVPN Client restarting."
sh /tmp/openvpncl/route-down.sh
sleep 2
kill $(cat /var/run/openvpncl.pid)
sleep 5
openvpn --config /tmp/openvpncl/openvpn.conf --daemon
sleep 20
sh /tmp/openvpncl/route-up.sh
sleep 10
if [ "$redundancy_check" = "on" ]; then
      sh $wd_script
fi
if [ "$redundancy_check" = "off" ]; then
      echo "."
fi' > /tmp/vpnwatchdog/vpnwatchdog
chmod 755 /tmp/vpnwatchdog/vpnwatchdog
Goto page Previous  1, 2 Display posts from previous:    Page 2 of 2
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum